package com.itools.core.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import java.security.Principal;

/**
 * @project: itools-backend
 * @description:
 * @author: XUCHANG
 * @create: 2021-06-21 16:13
 */
@RestController
public class AccountController {

    @GetMapping("/current")
    public Principal user(Principal principal) {
        return principal;
    }

    @GetMapping("/query")
    @PreAuthorize("hasAnyAuthority('query')")
    public Authentication query() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return authentication;
    }

    @GetMapping("/query2")
    @PreAuthorize("hasAnyAuthority('query2')")
    public String query2() {
        return "具有query2权限";
    }

    @PreAuthorize("hasAnyAuthority('test1')")
    @GetMapping("/test1")
    public String test() {
        return "test1";
    }
}
